Palo Alto Networks updates Prisma Cloud to secure the full app lifecycle

The latest version of Prisma Cloud offers cloud code security, agentless security and other enhancements to embed security into the entire application lifecycle.

Embracing the concept of DevSecOps, Palo Alto Networks on Tuesday rolled out Prisma Cloud 3.0, bringing a number of updates to the platform focused on the security of the entire application development lifecycle. That includes infrastructure as code (IaC) security and agentless security. 

Palo Alto launched Prisma Cloud in 2019 as a comprehensive cloud security suite designed to govern access, protect data and secure applications consistently. Offering a comprehensive, integrated security platform has become all the more important in the wake of the COVID-19 pandemic when workforces are increasingly dispersed, Palo Alto's chief product officer Lee Klarich told reporters. Prisma Cloud attempts to offer consistent network security across campuses, branches, remote offices and anywhere else. 

People are not just working from home but "increasingly working from anywhere," Klarich said. "How do we safely enable that construct that is increasingly becoming the norm?"

Comprehensive cloud security starts in the app development phase, Palo Alto contends. With Cloud Code Security, the company is adding IaC scanning and code fixes directly into developer tools across the development lifecycle. This will help catch misconfigurations in code templates that can lead to thousands of alerts in runtime. 

Meanwhile, Prisma Cloud is unique in offering both agentless and agent-based security built into the same platform, with rules and results managed from a single UI. Agentless Security provides visibility into an organization's cloud workload and application risks -- it's meant to complement existing agent-based protection. 

Prisma Cloud 3.0 also expands Cloud Infrastructure Entitlement Management (CIEM) to Microsoft Azure. This builds on already existing functionality available for Amazon Web Services (AWS).

Palo Alto on Tuesday also unveiled its next-generation CASB (Cloud Access Security Broker) to help organizations safely adopt new SaaS applications. It automatically secures new applications, including collaboration tools. It protects sensitive data in real-time using machine learning, natural language processing and optical character recognition. 

Palo Alto also announced the first specialization for its NextWave Managed Service Program. The new specialization focuses on  Cortex XDR, Palo Alto Network's extended detection and response service that natively integrates network, endpoint and cloud data.

The NextWave Managed Service Program (MSP) includes close to 300 partners worldwide that help Palo Alto customers get the most out of their investments. The program provides partners with the tools, training, incentives and resources to promote the adoption of Palo Alto Networks-based managed services. 

With the Cortex eXtended Managed Detection and Response (XMDR) specialization, customers should get help streamlining security operations center (SOC) operations and mitigating cyber threats. To achieve the new specialization status, partners must have Cortex XDR-certified SOC analysts/threat hunters on staff and be available around the clock.